Paul Ducklin and Chester Wisniewski investigate the what, the why and the how of dealing with the impending end of support for Windows XP in 2014. Don't worry: even if you have computers that you simply won't be able to update in time, for example because they run bespoke industrial control software, or a legacy financial application, Duck and Chet have some healthy suggestions for you. They also share some insights into why Microsoft hasn't simply packed all the improved security components fro...
Nov 14, 2013•18 min
Chet and Duck deal with: November's Patch Tuesday, whether or not hacking attacks are getting worse, whether Anonymous defacements count as "hacking", an esoteric bug in OpenSSH, and the lessons to learn from Adobe's megabreach.
Nov 13, 2013•14 min
Chet and Duck discuss the latest Microsoft zero-day, the latest code verification flaw in Android (the third bug of the same sort in the same part of the code!), and whether version numbers are becoming an irrelevancy as products "just update" anyway.
Nov 07, 2013•14 min
Chet and Duck discuss WordPress autoupdating; OS X's giant new wave, Mavericks; iCloud and 2FA; smartphone tracking by retailers; and security in pacemakers and other medical devices.
Oct 28, 2013•13 min
Chet and Duck discuss Oracle's monster Java patch, Joel's backdoor in D-Link routers, Cryptolocker and WhatsApp's demonstration of why you shouldn't roll your own crypto.
Oct 27, 2013•14 min
Chet interviews Robert Slade a well known anti-virus expert for National Cyber Security Awareness Month #NCSAM. Rob shares his thoughts on how average folks can stay safer online.
Oct 27, 2013•13 min
Chet and Duck are back on the regular schedule and talked about the 10th anniversary of Patch Tuesday, Adobe going "open source" and the alleged demise of the Dread Pirate Roberts.
Oct 27, 2013•14 min
In the last third of Sophos Security Chet Chat 118 Chet interviews Vanja Svajcer from SophosLabs about his presentation on potentially unwanted Android apps. Many users are being inundated with advertising pop-ups and other pesky behaviours, leading security vendors toward providing tools to block these apps.
Oct 27, 2013•12 min
As a reminder to everyone that it is National Cyber Security Awareness Month #NCSAM, Chet and Duck remind our listeners to do the three things to help themselves and others stay safer online.
Oct 27, 2013•9 min
Chester interviews James Wyke of SophosLabs UK about his presentation on the Zero Access Trojan at this year's Virus Bulletin conference in Berlin, Germany.
Oct 27, 2013•8 min
This week Chet and Duck talk about Apple, Apple, iOS, Apple, OS X, lots of patches, browser trust and Facebook privacy.
Oct 27, 2013•15 min
Make sense of vulnerability jargon by listening to this 15 minute podcast... With recent updates from Microsoft (three times), Adobe, Oracle, Apple and Firefox, the timing could scarcely be better.
Oct 27, 2013•15 min
In this episode of SSCC Chet and Duck talk about Google Authenticator temporarily forgetting its seeds, Apple bugs, Facebook data probes and an increase in WordPress phishing.
Oct 27, 2013•13 min
Chet and Duck discuss XP "as a giant 0-day", password practices in light of LastPass's recent vulnerability and the next generation of the HTTP protocol.
Oct 27, 2013•16 min
Chet welcomes series regular Paul 'Duck' Ducklin to discuss the latest security news: Android random number flaw implicated in Bitcoin thefts, OpenX ad servers "pre-compromised", Lavabit and Silent Circle suspend operation, winners of Black Hat 2013 #sophospuzzle.
Oct 27, 2013•14 min
Chet and Duck talk about the stolen "master Android keys", Tumblr security flaws, Club Nintendo password woes and the new Sophos puzzle for BlackHat 2013.
Oct 27, 2013•15 min
In this podcast Chester and Duck tackle 'Keyjacking', obfuscated data breach notification letters and Apple's iOS WPA2 passphrases being a little too easy.
Oct 27, 2013•14 min
Security experts Chester 'Chet' Wisniewski and Paul 'Duck' Ducklin discuss the latest security news: the leak behind PRISM, Swedish against Google's cloud, and BlackBerry ships Flash on its latest smartphones.
Oct 27, 2013•15 min
Chet welcomes series regular Paul 'Duck' Ducklin to discuss the latest security news: Microsoft reading Skype messages, the IP Commission Report, small business cybersecurity, and AusCERT 2013 #SophosPuzzle.
Oct 27, 2013•15 min
Chet welcomes series regular Paul 'Duck' Ducklin to discuss the latest security news: Name.com breach (and others), laptop theft, casher crews, LulzSec busts, Patch Tuesday.
Oct 27, 2013•15 min
In this podcast Chester interviews Parmy Olson author of "We are Anonymous" about her thoughts on LulzSec, their sentencing and the Anonymous movement. Parmy also shares some of her thoughts on Firefox OS and other developments from Mobile World Congress 2013.
Oct 27, 2013•19 min
Chester calls home from Interop in Las Vegas to record the latest episode of the Sophos Security Chet Chat. Duck explains a WWII steganography technique and introduces a contest. Chester and Duck then discuss internet camera vulnerabilities, game software rigged to mint Bitcoins and more password database breaches.
Oct 27, 2013•14 min
Chet welcomes series regular Paul 'Duck' Ducklin to discuss the latest: Boston marathon bombing scams, Hostgator's hack, Safari's Java safety update, pwning planes with an Android app, and Facebook Home and "Cover Feed".
Oct 27, 2013•14 min
To some of us, two-factor authentication (2FA) is a welcome aspect of online security; to others, token or SMS-based login codes are just extra online hassle we'd rather do without. Duck and Chet help you evaluate the risks and rewards of 2FA in this enjoyable quarter-hour podcast.
Oct 27, 2013•16 min
This week's Chet Chat has Duck and Chet discuss the DOD BYOD policy, malware posing as multi-function printers, WordPress adopting 2FA and two new browser rendering engines competing on both performance and security.
Oct 27, 2013•16 min
Chet and Duck discuss debuggy HP printer firmware, ad-supported phone apps, scans of the whole internet, Apple introducing 2 step authentication, link morphing and Internet Explorer 11.
Oct 27, 2013•15 min
Chet inteviews the writer and director of hacker film "Code 2600" and Austin BSides organizers/consultants Michael Gough and Ian Robertson. We also introduce the new kickstarter "Hackers in Uganda".
Oct 27, 2013•20 min
Guest Paul Ducklin and host Chester Wisniewski talk about RSA Conference 2013, CanSecWest 2013, Vancouver's first Security BSides, PWN2OWN, the cPanel break-in and cloud security.
Oct 27, 2013•15 min
This week Chet and Duck discuss Mandiant's APT1 report, the alleged watering hole attack against iOS developers and Twitter hacks.
Oct 27, 2013•15 min
Chet and Duck tackle the weeks news including UPnP, the Balmital botnet take down, Flash patches for Windows and OS X and the Lucky Thirteen SSL/TLS weakness.
Oct 27, 2013•15 min
